FreeType: Multiple vulnerabilities
Gentoo Linux Security Advisory
||GLSA 201204-04 / FreeType
||April 17, 2012
||April 17, 2012: 1
All supported architectures
Multiple vulnerabilities have been found in FreeType, allowing
remote attackers to possibly execute arbitrary code or cause Denial of
FreeType is a high-quality and portable font engine.
Multiple vulnerabilities have been discovered in FreeType. Please review
the CVE identifiers referenced below for details.
A remote attacker could entice a user to open a specially crafted font,
possibly resulting in execution of arbitrary code with the privileges of
the user running the application, or a Denial of Service condition.
There is no known workaround at this time.
All FreeType users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/freetype-2.4.9"